search

CrowdStrike / falcon-helm

Helm Charts for running CrowdStrike Falcon with Kubernetes
https://artifacthub.io/packages/helm/falcon-helm/falcon-sensor
Apache License 2.0
76 stars 72 forks source link

Ability to read sensitive data (cid) from k8s secret #326

Open poonsalai opened 1 month ago

poonsalai commented 1 month ago

Hi Team

Seems right now the helm chart for falcon-sensor is accepting the falcon-cid only via helm chart values.yaml. But as that is treated as a sensitive value, it would be great to have an option in chart where user can pass a k8s secret and the cid value can be read from there, with that way there will be no need to put the secret in helm or checked in repo as well.

https://github.com/CrowdStrike/falcon-helm/tree/falcon-sensor-1.28.1/helm-charts/falcon-sensor

FALCONCTL_OPT_CID: {{ .Values.falcon.cid }}

Could you please suggest if this can be taken on priority and worked upon.

Thanks Sharad

nmohoric commented 1 month ago

They've closed multiple pull requests related to this and their reasoning makes no sense. Good luck.

https://github.com/CrowdStrike/falcon-helm/pull/273#issuecomment-2023072790